News & Analysis as of

Protected Health Information Data Privacy Department of Health and Human Services (HHS)

Robinson+Cole Data Privacy + Security Insider

Insight Into DOGE’s Access to HHS’ Systems

Becker’s Hospital Review reports that the Department of Government Efficiency (DOGE) “has access to sensitive information in 19 HHS databases and systems,” according to a court filing obtained by Wired. HHS provided the...more

Bradley Arant Boult Cummings LLP

AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes

In this final blog post in the Bradley series on the HIPAA Security Rule notice of proposed rulemaking (NPRM), we examine how the U.S. Department of Health and Human Services (HHS) Office for Civil Rights interprets the...more

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Quarles & Brady LLP

Trump Administration Rescinds HHS Guidance on Privacy of Gender Affirming Care Data

Quarles & Brady LLP on

On February 20, 2025, the U.S. Department of Health and Human Services (“HHS”) took action pursuant to President Trump’s Executive Order 14187 (“EO 14187”), which is aimed at ending gender affirming care for minors. EO 14187...more

Health Care Compliance Association (HCCA)

We’ll Take the Fine: OCR’s ‘Unwarranted,’ Costly Demands Prompted Hospital’s $538K Payment

The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more

Bradley Arant Boult Cummings LLP

HHS’s Proposed Security Rule Updates Could Require Group Health Plan Document Changes and New Plan Sponsor Security Practices

Proposed regulations may require employers to invest additional resources to safeguard group health plan participants’ protected health information. In this installment of our blog series on the U.S. Department of Health...more

McGuireWoods LLP

HHS Proposed Rule May Enhance HIPAA Security but Leaves AI Questions Open

McGuireWoods LLP on

In response to increased cybersecurity threats and significant regulatory enforcement actions, on Dec. 27, 2024, the Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking seeking to enhance...more

Husch Blackwell LLP

Compliance with the HIPAA Privacy Rule to Support Reproductive Healthcare Privacy

Husch Blackwell LLP on

On April 22, 2024, the Health and Human Services’ Office for Civil Rights (OCR) issued the HIPAA Privacy Rule to Support Reproductive Health Care Privacy Final Rule. The final rule limits the sharing of protected health...more

McCarter & English, LLP

Season of Enforcement: OCR Announces Its Sixth Enforcement Action of 2025

With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more

Cozen O'Connor

Proposed Changes to the HIPAA Security Rule Will Have a Significant Impact on the Health Care Sector

Cozen O'Connor on

A few days ago, the U.S. Department of Health and Human Services (“HHS”), through its Office for Civil Rights, issued the proposed rule HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health...more

Whiteford

Client Alert: HIPAA Happenings: U.S. Department of Health and Human Services Proposes Updated HIPAA Cybersecurity Rules

Whiteford on

On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more

McDermott Will & Emery

HHS OCR Proposes Significant Modifications to HIPAA Security Rule

§ 160.101 Statutory basis and purpose. The requirements of this subchapter implement sections 1171–1180 of the Social Security Act (the Act), sections 262 and 264 of Public Law 104–191, section 105 of Public Law 110–233,...more

Akerman LLP - Health Law Rx

New Year, New HIPAA Security Rule Requirements? OCR Proposes Sweeping Changes for HIPAA Security Rule to Bolster Cybersecurity

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently proposed a sweeping rewrite of the HIPAA Security Rule that, if finalized, will require that many Covered Entities and their...more

Polsinelli

OCR Proposes Regulatory Facelift to the HIPAA Security Rule: Addressing the Current Cybersecurity Environment with More...

Polsinelli on

On January 6, 2025, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a “Notice of Proposed Rulemaking,” HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected...more

Troutman Pepper Locke

HIPAA Security Rule Revamp Is on the Horizon

Troutman Pepper Locke on

On January 6, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published significant proposed amendments (proposed rule) to the Security Rule under the Health Insurance Portability and...more

Shook, Hardy & Bacon L.L.P.

OCR Delivers A Year-End Surprise: A Draft Update of HIPAA's Security Rule

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) delivered a late-December surprise: a draft overhaul of the Health Insurance Portability and Accountability Act of 1996’s (HIPAA) Security Rule....more

Vorys, Sater, Seymour and Pease LLP

Texas Court Enjoins Enforcement of HIPAA Final Privacy Rule Against Individual Doctor and Clinic

On December 22, the day before the 2024 Final HIPAA Privacy Rule (2024 Rule) was set to go into effect, a federal district court in Texas enjoined enforcement of the 2024 Rule against Dr. Carmen Purl and Dr. Purl’s Fast Care...more

Quarles & Brady LLP

Compliance Eve Ends with HIPAA Reproductive Health Privacy Rule Order out of Texas: But is it a Gift or Lump of Coal for Regulated...

Quarles & Brady LLP on

December 23, 2024, was the compliance deadline for HIPAA covered entities and business associates to apply the protections of the HIPAA Privacy Rule to support Reproductive Health Care Privacy Final Rule—that is all covered...more

Davis Wright Tremaine LLP

Whether Naughty or Nice, Compliance Deadline for HIPAA Reproductive Care Privacy Is Coming to Town

We just want to provide a friendly reminder that, before key staff depart for the holidays, HIPAA covered entities and business associates should finalize their compliance with the 2024 HIPAA amendments related to...more

Health Care Compliance Association (HCCA)

Disclosure of Full Record to Employer Results in $35K Fine, Broad CAP; Echoes of 2017 HIV Case

It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more

Morgan Lewis - ML Benefits

Despite Challenges to Reproductive Healthcare Privacy Final Rule, Plan Sponsors Should Still Comply by December 23

The US Department of Health and Human Services’ (HHS) final rule on reproductive healthcare privacy is already subject to challenge even before its effective date. As described in our previous blog post, the HHS issued final...more

Holland & Knight LLP

HIPAA Tidings: A Look at OCR's Recent Enforcement Actions

Holland & Knight LLP on

In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more

Vorys, Sater, Seymour and Pease LLP

Just Say No!  HIPAA and Requests for Reproductive Health Information

On April 22, 2024, the Office of Civil Rights issued a Final Rule titled HIPAA Privacy Rule to Support Reproductive Health Care Privacy (2024 Final Privacy Rule). Originally Published by the American Bar Association....more

Quarles & Brady LLP

Happy Halloween: RIP to the HIPAA Privacy Rule?

Quarles & Brady LLP on

As we settle into spooky season, let’s take a minute to consider a recent development in health care privacy as we ask ourselves, is this a trick or a treat?...more

Health Care Compliance Association (HCCA)

Privacy Briefs: September 2024

The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more

131 Results
 / 
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide